Reputation: 99
Session not working the first time but second time it works
When the user logs in, the first page of retrieving data from the session is fine. When I go to another page, the session is blank.
I have found out that the session id changes, when the user logs in and is getting the first user page which is card.php. When going to for instance subscription.php, the session id is different for whatever reason.
I have tried to list useful code underneath:
log-user-in.php:
<?
session_start();
include('includingThis.php');
unset($_SESSION["emaillogin"]);
// Sørg for at e-mailen er undercased
$email = addslashes($_POST[email]);
$password = addslashes($_POST[pass]);
if ($email == "" || $password == "") {
header("Location: login.php?e=3");
exit;
die();
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: login.php?e=4");
exit;
die();
}
$email = strtolower($email);
// TJEK OM BRUGEREN FINDES
if ($stmt = $con->prepare("SELECT email, pass, uid, profilepic, paid FROM stnd_users WHERE email=?")) {
/* bind parameters for markers */
$stmt->bind_param("s", $email);
$stmt->execute();
$stmt->bind_result($em, $pa, $u, $pp, $pai);
// Loop through each row in the result set
while ($stmt->fetch()) {
$gottenEmail = $em;
$gottenPass = $pa;
$uid = $u;
$profile_pic = $pp;
$paid = $pai;
}
$stmt->close();
}
if ($gottenEmail == "" || $gottenPass == "") {
header("Location: login.php?e=5");
exit;
die();
}
if (password_verify($password, $gottenPass)) {
// BRUGER LOGGES IND
// NÅR BRUGEREN FINDES, OG KODEN ER KORREKT
if ($uid != "") {
$_SESSION["user"] = $uid;
if ($paid == "true") {
// Bruger har betalt
if ($profile_pic == "true") {
header("Location: user/card.php");
exit;
} else {
header("Location: user/profilepic.php");
exit;
}
} else {
// Bruger har IKKE betalt
header("Location: user/inactive.php");
exit;
}
} else {
//DER ER SKET EN FEJL, INTET UID
header("Location: login.php?e=6");
exit;
die();
}
} else {
//Oplysningerne er ikke korrekte, har du tastet rigtigt?
// (Kode ikke korrekt)
header("Location: login.php?e=5");
exit;
die();
}
?>
Upvotes: 1
Views: 1315
Answers (2)
Reputation: 63
After the header redirect, end the current script using exit();
Maybe you misssed something from this answer:
PHP session lost after redirect
You can also check the session status detailed here :
Check if PHP session has already started
https://www.w3schools.com/php/php_sessions.asp
Or, just as Rikudou_Sennin pointed out, you must have omitted accidentally somewhere the php line session_start(); before defining or accessing the session variable/s.
Upvotes: 1
Reputation: 2567
1st You should save user credentials that you wants for further usage if User inputs for username and password matched with DB records with $_SESSION
include("..\includefiles\db.php");
$email =$_POST["email"];
$password = $_POST["password"];
$sql = "SELECT * FROM member WHERE email ='$email' AND password = '$password'";
$result = mysqli_query ($con,$sql);
if($row = mysqli_fetch_array($result)){
$_SESSION['ID'] = $row['id'];
$_SESSION['NAME'] = $row['name'];
$_SESSION['ROLE'] = $row['role'];
if($_SESSION['ROLE']=='a'){
header("Location: ..\dashBoard.php");
}else{
header("Location: ..\index.php");
}
After saving sessions all you have to do is to start the session with
session_start()
function in each page. Please note that session_start() function must be the very first thing in your document. Before any HTML tags.And then check the availability of the session and if session not set redirect to the login page. See the below code.
<?php
session_start();
if(isset($_SESSION["ROLE"])){
}else{
header("Location: login.php");
}
?>
<!DOCTYPE html>
Hope that you may able to grab something from this.
Upvotes: 0